parent
582c0bef84
commit
886193c162
@ -0,0 +1,44 @@
|
||||
import { program } from 'commander'
|
||||
import chalk from 'chalk'
|
||||
|
||||
import { command, execSync, log } from './helpers/command.js'
|
||||
|
||||
/**
|
||||
* create-certificate.js
|
||||
*
|
||||
* creating self signed certifactes for secure Connections
|
||||
*
|
||||
*
|
||||
*/
|
||||
|
||||
// getting hostname
|
||||
const hostname = execSync('hostname').toString().trim()
|
||||
|
||||
// getting arguments and options
|
||||
program
|
||||
.argument('<destination>', 'destination for certificate')
|
||||
|
||||
program.parse(process.argv)
|
||||
|
||||
// getting arguments
|
||||
const destination = program.args[0]
|
||||
|
||||
// creating
|
||||
try {
|
||||
log(chalk.green('Generating CA'))
|
||||
command('openssl genrsa 4096 > ' + destination + '/ca-key.pem')
|
||||
command('openssl req -new -x509 -nodes -days 365000 -key ' + destination + '/ca-key.pem -out ' + destination + '/ca-cert.pem -subj "/CN=' + hostname + '-database-ca"')
|
||||
|
||||
log(chalk.green('Generating Server Certificate'))
|
||||
command('openssl req -newkey rsa:4096 -days 365000 -nodes -keyout ' + destination + '/server-key.pem -out ' + destination + '/server-req.pem -subj "/CN=' + hostname + '-database-server"')
|
||||
command('openssl rsa -in ' + destination + '/server-key.pem -out ' + destination + '/server-key.pem')
|
||||
command('openssl x509 -req -in ' + destination + '/server-req.pem -days 365000 -CA ' + destination + '/ca-cert.pem -CAkey ' + destination + '/ca-key.pem -set_serial 01 -out ' + destination + '/server-cert.pem')
|
||||
|
||||
log(chalk.green('Generating Client Certificate'))
|
||||
command('openssl req -newkey rsa:4096 -days 365000 -nodes -keyout ' + destination + '/client-key.pem -out ' + destination + '/client-req.pem -subj "/CN=' + hostname + '-database-server"')
|
||||
command('openssl rsa -in ' + destination + '/client-key.pem -out ' + destination + '/client-key.pem')
|
||||
command('openssl x509 -req -in ' + destination + '/client-req.pem -days 365000 -CA ' + destination + '/ca-cert.pem -CAkey ' + destination + '/ca-key.pem -set_serial 01 -out ' + destination + '/client-cert.pem')
|
||||
command('openssl verify -CAfile ' + destination + '/ca-cert.pem ' + destination + '/server-cert.pem ' + destination + '/client-cert.pem')
|
||||
} catch(error) {
|
||||
|
||||
}
|
||||
@ -0,0 +1,14 @@
|
||||
import { execSync } from 'node:child_process'
|
||||
|
||||
const log = console.log
|
||||
|
||||
// helper for output command
|
||||
const command = function(value) {
|
||||
log(execSync(value).toString().trim())
|
||||
}
|
||||
|
||||
export {
|
||||
command,
|
||||
execSync,
|
||||
log
|
||||
}
|
||||
@ -1,3 +1,10 @@
|
||||
sudo apt install letsencrypt
|
||||
sudo systemctl status certbot.timer
|
||||
sudo certbot certonly --standalone --agree-tos --preferred-challenges http -d domain-name.com
|
||||
import chalk from 'chalk'
|
||||
import { command, execSync, log } from './helpers/command.js'
|
||||
|
||||
try {
|
||||
log(chalk.green('Installing letsencrypt'))
|
||||
command('apt-get install -y letsencrypt')
|
||||
command('systemctl status certbot.timer')
|
||||
} catch(error) {
|
||||
|
||||
}
|
||||
Loading…
Reference in new issue